1. Field of the Invention
This invention relates to computer systems and, more particularly, to file-based storage systems.
2. Description of the Related Art
Computer systems often process large quantities of information, including application data and executable code configured to process such data. In numerous embodiments, computer systems provide various types of mass storage devices configured to store data, such as magnetic and optical disk drives, tape drives, etc. To provide a regular and systematic interface through which to access their stored data, such storage devices are frequently organized into hierarchies of files by software such as an operating system. Often a file defines a minimum level of data granularity that a user can manipulate within a storage device, although various applications and operating system processes may operate on data within a file at a lower level of granularity than the entire file.
Increasingly, computer systems are under threat by malicious or errant software applications that may cause corruption or destruction of file data. For example, viruses, worms, and other rogue software may infect a computer system. In some instances, such malicious software may randomly or deliberately erase data stored within data files. Such software may also attempt to conceal itself by modifying the behavior of existing program files, which otherwise might not be suspected of malicious behavior. In other instances, a program may malfunction due to an a programming or hardware error or another event that changes its behavior, which may in turn cause corruption of file contents.
Regardless of its source, the consequences of data or program file corruption may be severe, resulting in potentially unrecoverable data loss or system failure. Techniques to prevent malicious corruption tend to center around identifying known threats (such as known viruses, worms, etc.) and quarantining them before they cause serious damage. Disciplined hardware and software design and testing practices hope to mitigate accidental corruption due to program error, by testing for known areas of design vulnerability. However, new malicious threats are constantly emerging, and it is difficult if not impossible to verify that a computer system and its software are entirely error-free. Thus, existing practices that are directed towards causes and modes of corruption generally cannot verify that a set of files are known definitively to be in an uncorrupted state, because the possibility of an unknown agent of corruption cannot be eliminated. Brute force methods, such as comparing the entire contents of a file against a copy believed to be good (i.e., a golden copy), may enable detection of file corruption, but such methods are exorbitantly expensive to implement with regularity for large quantities of data. Further, the golden copy may itself be vulnerable to corruption.